What is CVE-2022-0435?

CVE-2022-0435 is a vulnerability in Kernel, classified under Out-of-bounds Write. Published 2022-03-25.

Is CVE-2022-0435 known to be exploited?

31 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Kernel

CVE-2022-0435

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user…

Vulnerability class: Buffer Overflow

EPSS: 0.543 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a Kernel — versions kernel 5.17-rc4

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

Public proof-of-concept exploits

Spydomain/CVE-2022-0435-Poc
wlswotmd/CVE-2022-0435
sandesh9978/CVE-2022-0435
ARPSyndicate/cvemon
Jalexander798/JA_
P3gEcTH8uJiYFVKb7lIn/awesome-list
bachkhoasoft/awesome-list-ks
bollwarm/SecToolSet
k0mi-tg/CVE-POC
kdn111/linux-kernel-exploitation

References

bugzilla.redhat.com/show_bug.cgi
www.openwall.com/lists/oss-security/2022/02/10/1
security.netapp.com/advisory/ntap-20220602-0001/

Frequently asked questions

What is CVE-2022-0435?: CVE-2022-0435 is a vulnerability in Kernel, classified under Out-of-bounds Write. Published 2022-03-25.
Is CVE-2022-0435 known to be exploited?: 31 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.